The other day, I splurged on getting a wildcard SSL certificate for my website, www.iga-home.net. I felt that it was important to secure content on my site for my users as sensitive data is sent when users login or post content to the site. I bought a wildcard SSL certificate since I wanted to be able to secure all subdomains of iga-home.net and not be restricted to just iga-home.net or www.iga-home.net.

After I created the request on IIS for the certificate, I copied the output into my web browser on Comodo's website for requesting an SSL certificate. It seemed fairly straight forward. About 10-15 minutes later, I received an email with my SSL certificate attached in a zip file. I opened the zip file and saw my certificate with a .cert extension. I fiddled around for a while with trying to get this certificate installed through mmc and IIS's manager. When I tried to install my certificate through IIS, I kept receiving errors that IIS couldn't find my certificate request. I followed many tutorials and couldn't find a solution. I later found this page that said I should install these certificates first through mmc before I could install my purchased SSL certificate in IIS. After I installed these mentioned certificates, IIS accepted my certificate and I proceeded to adding SSL to my website. It's a shame that these certificates weren't bundled with the original zip file. It would have made life a lot easier.

My next task is to add a rewrite rule for sending all http requests to https requests. I also want to write a resource handler that caches remote resources on my server so that all resources are secure. In Google Chrome it will notify the user if some content displayed on a page is insecure and I want to remedy this problem.